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The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )IEI Responsive to communication(s) filed on 28 July 2003 . 
2a)[3 This action is FINAL. 2b)Q This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) [3 Claim(s) 1-21 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) Q Ciaim(s) . is/are allowed. 

6) |EI Claim(s) 1-21 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
Priority under 35 U.S.C. §§ 119 and 120 

12) ^ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a)[EI All b)D Some*c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. KI Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

13) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application) 

since a specific reference was included in the first sentence of the specification or in an Application Data Sheet. 
37 CFR 1.78. 

a) □ The translation of the foreign language provisional application has been received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 since a specific 

reference was included in the first sentence of the specification or in an Application Data Sheet. 37 CFR 1 .78. 
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1) □ Notice of References Cited (PTO-892) 

2) O Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) O Information Disclosure Statement(s) (PTO-1449) Paper No(s) . 



4) O Interview Summary (PTO-413) Paper No(s). 

5) [H Notice of Informal Patent Application (PTO-152) 

6) □ Other: 



U.S. Patent and Trademark Office 

PTOL-326 (Rev. 11-03) 
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DETAILED ACTION 

1 . This Action is in response to applicant's correspondence of 28 July 2003. 

2. Corrections on the mark up copy are suppose to follow the following procedure: 
brackets [ ] are used to indicate what is taken out and underlining is used to indicate 
what is to be replaced. These procedure is what the typesetter uses to produces the 
final copy of the patent and corrections following other methods are not considered. 
Therefore a new mark up copy must be supplied in the response to this action. 

Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

1. Claims 1-2 and 13-19 are rejected under 35 U.S.C. 102(b) as being anticipated 
by Tajalliet. al. US 531 359 A. 

2. As per claim 1 , the limitation of forming a least two trust group (sets) within a 
computer is disclosed by Tajalli (Column 6, lines 32-35; 50-53). Tajalli groups programs 
into High Integrity (most trusted because they are stored on a protected media), 
approved applications, and unapproved applications (Column 6, 27-30; 40-41; 56-59). 
Objects and processes are assigned these groups "regardless of the privileges or 
attributes given to the application program or ordinary user by the underlying operating 
system" (Column 6, lines 2-4). This prevent hostile code (viruses and Trojan horses) 
from creating modified versions of itself (Column 7, 60-63). Tajalli also institutes a 
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controlled execution CE system which prevent users and application programs from 
executing any application program which is not an approved application program 
(Column 7, lines 17-20) that is, the CE checks to see if a program is approved before it 
allows execute. Claim 1 is rejected. 

3. As per claim 2, the limitation of assigning a program upon its creation to a trust 
group is explicit in as all programs are classed either trusted (HI) and protected, 
approved, or unapproved (Column 6, columns 20-60). Tajalli makes a comparison 
based upon trust level when a program is created (Column 7, lines 17-20). Claim 2 is 
rejected. 

4. As per claim 13, the limitation of a computer with object and processes is 
disclosed by Tajalli (Column 8, 56-58; Column 7, line 54) assigns one or more trust 
group irrespective of the rigts of a user Tajalli (Column 6, 1-8). A controller configured 
to access table and allow an operation of process over an object or a second process is 
disclosed by Tajalli according to a comparison of the trust groups (Column 6, lines 17- 
23; Column 7, lines 49-51). Claim 13 is rejected. 

5. As per claim 14, the limitation of a table of types is disclosed by Tajalli (Column 
7, lines 17-20). Tajalli to determine whether an application program is approved or not, 
thus it would have to have acess to list (table) of approved programs (and possible 
unapproved programs) to make such a determination which is stored in protected 
memory (Column 6, lines 39-42; Column 10, lines 14-23 and 54-62). Claim 14 is 
rejected. 
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6. As per claims 15 and 16, the limitation that the storage is non-volatile memory is 
disclosed by Tajalli (Column 10, line 15-20). Claims 15 and 16 are rejected. 

7. As per claim 17, the limitation of table of rules wherein controller access such 
rules is disclosed by Tajalli (Column 17, line 32-34). Claim 17 is rejected. 

8. As per claim 18, the limitation that the rules table is stored in a non-volatile 
memory is disclosed by Tajalli (Column 17, lines 32-37; Column 10, lines 14-23 and 54- 
62). 

9. As per claim 19, the limitation of a network in which the network include a server, 
is disclosed by Tajalli (Column 2, lines 5-9). Claim 19 is rejected. 

Claim Rejections - 35 USC § 103 

10. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

11. Claims 3-12 and 20-21 rejected under 35 U.S.C. 103(a) as being unpatentable 
over Tajalli as applied to claim 1 above, and further in view of Munroe EP 0472487 A2. 

12. As per claims 3-6, the limitations of changing trust group of the process after 
such an operation assigning, Tajalli is silent. Munroe discloses the assignment of 
process/object to domains (trust groups), and further establishes a hierarchical domain 
levels such that upon creation of a process if the domain attributes are the same or if 
the procedure will execute in the domain of the task that called it (Column 7, lines 20- 
58; Column 8, line 1). Munroe notes that a hierarchical system is preferable because 



Application/Control Number: 10/037,560 Page 5 

Art Unit: 2135 

there is a balance between security and flexibility and incorporating a hierarchical 
domain structure. Thus one of ordinary skill in the art would have been motivated to 
increase the flexibility of the Tajalli by incorporating a domain structure. Claims 3-6 are 
rejected. 

13. As per claims 7 and 8, the limitations that the trust groups are hierarchically 
ordered (Column 6, lines 10-12), allowing task (operation) when the domain (trust 
group) of the process is higher or equal in the hierarchy (Column 6, lines 1 7-23), 
denying (no allowing) the task if the trust group of the process is lower on the hierarchy 
than the trust group of the object or second process (Column 4, lines 20-26; Figure 5). 
Claims 7 and 8 are rejected. 

14. As per claim 9, the limitation of defining at least two types (as defined of object is 
disclosed by Munroe and assigning objects to types (Column 5, lines 53-58; Column 6 
line 1) and allowing operation over an object is further carried out according to type 
(Column 6, lines 28-44). Claim 9 is rejected. 

1 5. As per claims 1 0 and 1 1 , the limitation of defining two types of processes and 
assigning type and allowing the process to execute based on type is disclosed by 
Munroe (Column 7, lines 24-32). Claims 10 and 1 1 are rejected. 

1 6. As per claim 1 2, the limitation of defining at least two types of storage method 
and assigning trust group to a type of storage message is disclosed by Tajalli (Column 
13, lines 53-57). Claim 12 is rejected. 

1 7. As per claim 20-21 , the limitation that the tables (and/or the table of rules or 
security policies) are stored on the server 
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18. Claims 20-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Tajalli. 

19. As per claims 20 and 21 , the limitation that the tables and security policies reside 
on the network server is not addressed in Tajalli. Tampering by the user is a concern 
of Tajalli (see Column 1 0, lines 1 5-25). The examiner takes official notice that security 
polices are placed on the network server. Therefore one of ordinary skill in the art 
would have been motivated by Tajalli's concern and which is well known in the art to 
have implement Tajalli system on a network through the network service, by installing 
the tables and rules on the server for protection. Claims 20-21 are rejected. 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 



Response to Arguments 
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Applicant's arguments filed 28 July 2003 have been fully considered but they are 
not persuasive. 

20. Claim 1 and 1 3 are independent with claim 1 3 a computer for carrying out the 
laminations recited in process claim 1. Claims 1-2 and 13-19 are rejected under 102 (b) 
as being anticipated by Tajalli US 5361359 A and claims 3-12 and 20-21 are rejected 
under 103 (a) Tajalli in view of Munroe EP 0472487 A2. 

21 . With regards to the limitations of claim 1 , the limitation of defining at least two 
trust groups within a computer is disclosed by Tajalli (Column 6, lines 32-35; 50-53; 54- 
62) establishes protected media within the system that operations and processes may 
run (Figure 5), which would constitute the defining of two or more trust groups. The 
limitation that the processes and operations may run irrespective of the rights of the 
user is disclosed by Tajalli (Column 6, lines 2-4). The limitation of comparison of a trust 
group upon operation of a process or operation on an object (e.g. file), and performing a 
comparison is disclosed by Tajalli (Column 7, lines 18-21) in which the code undergoes 
controlled examination and further Column 14, lines 57-65) focusing on the relative 
recent source changes. Such comparison or testing would have to be carried out in 
controlled areas (or trusted area) of the system for security reasons. The limitation of 
allowing the operation/process to execute depending on the results is disclosed 
(Column 16, lines 46-48). Tajalli meets all limitations of independent claim 1 and in 
turn claim 13. Munroe EP 0472487 A2 was not used to meet the limitation of the 
trusted group or area. 

Conclusion 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to James Seal whose telephone number is 703 308 4562. 
The examiner can normally be reached on M-F, 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 703 305 971 1 . The fax phone number for the 
organization where this application or proceeding is assigned is (703) 872-9306. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 703 308 
3900. 
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